package com.zillion.web.controller.system;

import com.zillion.common.constant.Constants;
import com.zillion.common.core.domain.AjaxResult;
import com.zillion.common.utils.StringUtils;
import com.zillion.framework.web.service.TokenService;
import com.zillion.framework.web.service.SsoUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

/**
 * 单点登录回调控制器
 */
@RestController
@RequestMapping("/sso")
public class SsoLoginController {

    @Autowired
    private SsoUserService ssoUserService;

    @Autowired
    private TokenService tokenService;

    /**
     * 自然人(个人)单点登录入口
     * URL 示例: <a href="http://127.0.0.1:9100/sso/perLogin?ticket=xxx&authCode=xxx"></a>
     */
    @GetMapping("/perLogin")
    public AjaxResult handleSsoPerLogin(HttpServletRequest request) {
        AjaxResult ajax = AjaxResult.success();
        // 1.获取重定向返回的授权码
        // String ticket = request.getParameter("ticket");
        String authCode = request.getParameter("authCode"); // 获取授权码

        // 2.根据appmark获取授权令牌
        String accessToken = ssoUserService.getAccessTokenByAppMark();

        // 3.根据授权令牌获取ticket
        String ticket = ssoUserService.getTicketByAuthCode(accessToken, authCode);

        // 4.根据ticket获取用户token
        String tokenSNO = ssoUserService.getTokenSNOByTicket(accessToken, ticket);

        if (StringUtils.isEmpty(ticket) || StringUtils.isEmpty(authCode)) {
            return AjaxResult.error("缺少 ticket 或 authCode 参数");
        }
        // 5.生成令牌
        String token = ssoUserService.loginWithTicketAndAuthCode(ticket, authCode, tokenSNO, accessToken, "perLogin");

        // 返回令牌给前端
        ajax.put(Constants.TOKEN, token);
        return ajax;
    }

    /**
     * 法人(单位)单点登录入口
     * URL 示例: /sso/login?ticket=xxx&authCode=xxx
     */
    @GetMapping("/corLogin")
    public AjaxResult handleSsoCorLogin(HttpServletRequest request) {
        AjaxResult ajax = AjaxResult.success();
        // 1.获取重定向返回的授权码
        // String ticket = request.getParameter("ticket");
        String authCode = request.getParameter("authCode"); // 获取授权码

        // 2.根据appmark获取授权令牌
        String accessToken = ssoUserService.getAccessTokenByAppMark();

        // 3.根据授权令牌获取ticket
        String ticket = ssoUserService.getTicketByAuthCode(accessToken, authCode);

        // 4.根据ticket获取用户token
        String tokenSNO = ssoUserService.getTokenSNOByTicket(accessToken, ticket);

        if (StringUtils.isEmpty(ticket) || StringUtils.isEmpty(authCode)) {
            return AjaxResult.error("缺少 ticket 或 authCode 参数");
        }
        // 5.生成令牌
        String token = ssoUserService.loginWithTicketAndAuthCode(ticket, authCode, tokenSNO, accessToken, "corLogin");

        // 返回令牌给前端
        ajax.put(Constants.TOKEN, token);
        return ajax;
    }
}
